This page contains a Flash digital edition of a book.
-DATA PROTECTION & PRIVACY- EU Calls for Much Bigger Fines for Data Breaches

The EU's justice commissioner has called for bigger fines for companies that breach European data privacy laws. Viviane Reding dismissed recent fines for Google as "pocket money" and said the firm would have had to pay $1bn under her plans for privacy failings. Reding said such punishments were necessary to ensure firms took the use of personal data seriously and she wants far tougher laws that would introduce fines of up to 5% of the global annual turnover of a company for data breaches. The new proposals, currently under debate in the European parliament, aim to create a single EU regulator, which would be able to issue fines on behalf of all national watchdogs. The continuing row between Google and local data authorities was a case in point for why new laws were needed, she said. The Spanish data protection agency said that Google had collected information across almost 100 services but had not obtained the consent of people to gather information, or done enough to explain what would be done with the data. According to Reding, European trust in the way private companies store data is low.

Read more LIBE Draft Report Calls for 'Immediate Suspension' of Safe Harbor

The Civil Liberties, Justice and Home Affairs Committee (LIBE) of the European Parliament released its Draft Report on mass surveillance (the Report) following the NSA surveillance programme revelations of 2013, calling on the immediate suspension of data flows 'to any organization that has self-certified its adherence to the U.S. Safe Harbor Principles.' The Report, found that the Safe Harbor framework does not currently provide adequate protection for EU citizens and calls for its suspension. The Report states that 'trust has been profoundly shaken [and] in order to rebuild trust in all these dimensions a comprehensive plan is urgently needed.' Jan Philipp Albrecht, Member of the LIBE Committee said, "We need clear demands from the United States, underlined by drawing consequences on our side such as terminating the Safe Harbor decision." The Report also expressed concerns over the admissions by organisations such as Apple, Google, Microsoft and Facebook that 'they do not encrypt information and communications flowing between their data centres, thereby enabling intelligence services to intercept information.' Albrecht noted that, "…there is a need to strengthen [the Report] with clearer demands for stronger control of the collection and evaluation of private data and personal communications.”

Read more

New Data Protection Handbook Outlines Alternative Test for Determining Anonymisation

A new handbook on European data protection laws contains a different test from the one used by the UK's ICO for determining whether data is personal or anonymised for the purposes of data protection law. The document is non-binding but is designed to "raise awareness and improve knowledge of data protection rules in European Union and Council of Europe member states". EU data protection rules apply to the personal data of living 'data subjects' and not to where that data has been anonymised. Absolute anonymisation has become increasingly difficult in recent times due to the increasing volumes of data being generated and the availability of powerful technologies that allow information from one data set to be linked to information elsewhere. The watchdog's code made clear that the ICO would be unlikely to take enforcement action against organisations that disclose data they believe to have been anonymised when in fact it was not

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17